Wednesday, November 02, 2005
The U.S. lost the case, the subsidies were deemed to be in violation of international trade rules, and was therefore asked to stop the subsidies and bring their legislation in compliance. So far the compliance has not been forthcoming.
This is just the latest case in a series of rulings that have gone against the U.S. in international trade issues in which they are not implementing the ruling, such as the Canadian lumber case. This has prompted questions about the validity of the international trade mechanism, and allows other countries to ask the question of why they should comply. This is dangerous territory at a time that American copyright industry is trying to get China to comply with its TRIPS commitments and stop piracy.
This could open the door for a global trade war, with countries reverting to the protectionist principles before the WTO. Most importantly for the U.S. is the threat by Brazil that they might as well allow the massive copying of American movies and music, and to allow the production of patented pharmaceuticals.
Friday, October 28, 2005
In Decision 001/2005, Mr l and the Lothian & Borders Safety Camera Partnership (17 May 2005)
Mr L requested sight of the calibration certificate for equipment used in an alleged speeding offence.The Partnership argued that the information was already "otherwise accessible" under s 25 of the FOI (SC) Act by virtue of it being on the Partnership’s website. As it turned out, the particular calibration
certificate was not actually on their website at the time of the request. However, the Commissioner provided his view , making reference to the fact that most deprived households were without internet access according to the Social Justice Annual Report 2003:
“In my view therefore it is not yet possible to say that information which is solely provided on a website is reasonably accessible to people in Scotland”
This must be an expensive blow for public authorities. The commissioner stated that “where [the authority] receives a request for the information to be made
available in another format, e.g. in paper form posted to a home address, then it should do so unless there are overriding technical or cost implications.”
Other recent decisions mainly question the relationship between release of information under FOI and the protection of personal data under data protection law. This is shaping up to be a very controversial area.
Thursday, October 27, 2005
The Register quote him as saying: “It’s about externalities – like a chemical company polluting a river – they don’t live downstream and they don’t care what happens. You need regulation to make it bad business for them not to care. You need to raise the cost of doing it wrong.” Schneier said there was a parallel with the success of the environmental movement – protests and court cases made it too expensive to keep polluting and made it better business to be greener.
The analogy is appealing, but wrong. ISPs are not the polluters but the water-ways, or perhaps, their curators. The real polluters are the virus writers and bot creators - who are in most jurisdictions already criminally , and probably, civilly liable - just impossible to find.
Schneier goes on to say that ISPs should offer consumers “clean pipe” services: “Corporate ISPs do it, why don’t they offer it to my Mum? We’d all be safer and it’s in our interests to pay."
Here Schneier gets nearer to the real way forward. What Schneier, being a brilliant security expert, not a lawyer or economist, is getting wrong, is not the desirable end - ISPs helping clean up the Internet "environment" - but how to achieve it. You don't need public regulation of ISPs on the polluters model - which is unfair given the ubiquity malware is nsimply ot their fault - when it's easier to get profits to act as an incentive instead. US companies, correctly, saw cleaning up pollution as a profit loser until it was made too expensive to ignore on a PR level, but security can be turned into a money maker easy.
My Mum, much like Schneier's I suspect, has no idea how to set up a firewall or a virus checker, or come to that, her email account. But she's not that short of a bob. If she was offered, instead of the almost useless "BT Privacy", "BT Security" for an extra £12 a month, say, where BT undertook to manage the security of her machine, monitoring, reporting, isolating and cleaning it out if it was infected or zombified, etc etc, she'd take it tomorrow. ISPs should be offering security cleanfeeds instead of content ones. When there's a decent , competitive market of those, we won't NEED enviromental Internet laws - which will in any case be expensive and almost impossible to enforce universally, due to safe havens and lack of global harmonisation of criminal and public law (as Schneier himself acknowledges).
Someone pointed out to me that this isn't a solution, because those who don't buy in to a secure feed still remain vectors for infection. This is true: but it's possible we can deal with that by making the opters-out personally strictly liable for the security of their own machines (they are likely to be either the techy or the bolshy), rather than imposing inequitable liabilities on ISPs wholesale. Such an onus would be likely to drive all but those who really can look after their own machines - sysops, geeks, Linux lovers :-) - into the arms of a safefeed ISP. Another alternative for such would be to offer insurance to cover claims against them by affected consumers or networks.
Another commentor pointed out that a security service almost exactly as described above already exists - and lo! it costs £12 per month!. Truth is stranger than fiction.
The UK answer thus far is not more law but public education in the shape of the new National Hi Tech Crime Unit GetSafe camapign. We shall report on its success but remain cynical ..
Monday, October 24, 2005
says the German American Law Journal.
Words fail me really. I'm not a trademark lawyer but has "blog" not become a generic word? Does adding "law" really suffice to distinguish it as a badge of origin of particular services? Anyone out there want to comment?
"Creative Commons and Open Source are religions. Not as bad as some of the others, but nonetheless they are somebody else's vision of utopia that we're all supposed to participate in." Voidampersand.
"The sub-sect that drives me up the wall in the Wikipedians - and I speak as an avid user and browser of Wikipedia. Yes, it's an impressive achievement, but you can only tout it as an improvement over traditional encyclopeadias by rather radically redefining 'improved'. Which some of its most zealous advocates are happy to do... (Isn't it brilliant! Our users can democratically determine the value of pi by continuous re-editing!)"
"I'm tolerant and indeed supportive of OSS between consenting adults; it'd be hypocritical of me not to, as I use enough of the stuff at home - but I'm opposed to fundamentalism about it too. I don't like people saying I shouldn't have the right to protect intellectual property and make a living from it; it should be my choice".
On open source: "it's plainly a way for young white introvert males to "stick it to the man" -- in this instance, their employers"
Friday, October 21, 2005
Should a fan musical really need copyright permision? It's well known that UK and US don't go for a "private non commercial copying" exemption as Continental countries like France and Germany do, and even if they did, a public performance would never , I expect, be seen as private copying. But as Kim Weatherall comments, there's no way this performance could do anything other than encourage people to buy profit-making official Buffy CDs, DVDs and other merchandise. There's no travelling official Buffy musical whose revenues can be cut into by fan knock offs (more's the shame!) Fox is simply cutting off its nose to spite its own fans here.
Some commentators have compared this unfavourably to the permissive attitude towards Rocky Horror Show peformances which take place all over the world with massive fan , er, interpretation of the plot and cast. But the point there is that every such performance also involves a public showing of the movie, so will usually involves a revenue stream, as almost all professional cinemas will abide by normal license agreements.
Thursday, October 20, 2005
Thre are some pleasant (and less pleasant) surprises though. 72% of those asked said the Internet had made their life better. Only 23% agreed strongly that they were concerned about immoral content on the Internet, while 15% strongly disagreed (given the social difficulty of disagreeing with such a question for many parents, the "strongly"s striks me as the only section of the respondents who matter). An amazing 18% claim they post pictures on the Web and 14% keep a website , though only 5% blog (but still!). But only 17% of Britons object to ID cards and around 5% of users have given up on the Internet entirely between 2003 and 2005 for whatever reason (mainly lack of interst - only 11% cited bad experiences and 17% privacy worries.
And only 2% agree strongly that email takes up too much of their time while 65% disagree or strongly disagree. They sure as hell didn't interview me for this survey:-)
Wednesday, October 19, 2005
Remarkably few convictions have been made under the CMA s 1 and this should not hve been one. As the defense opined, it was tantamount to turning the s 1 offence into a strict liability offense. "Unauthorised access" simplex is the least serious charge in the CMA, but it cannot be regarded as an "administrative" crime, one like wrongful parking, which in the interests of the smooth running of society should be enforceable even when the party intended to do no wrong - it can earn a term of imprisonment and quite clearly demands mens rea. Section 1 of the CMA states that
1.—(1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
Arguably, Mr Cuthbert was not trying to "secure access" as his purpose but merely as his literal means to that purpose. His true intent was merely to test whether the site was actually what it claimed to be. On the Internet, this is very dificult to establish without attempting access unless the site has a digital certificate or a SET/SSL interface. This defence could have been backed up by analysis of the statute as a whole (and its peliminary debates) which clearly assume that the access that is sought to be obtained is so sought in pursuit of some criminal or at least amoral purpose.
If we are talking only of the preservation of privacy of personal data, not about criminal activity, as we really were here, then the data protection laws should suffice without needing to go to the hacking laws. This was a case for the Information Commisioner not the police. Given the longstanding and honorable tradition of benign hacking to probe security holes (which following Cuthbert, must clearly fall within the s 1 offence) there is room for a public interest/research exemption here to clarify matters, as there is indeed in relation to the arguably much less acceptable act of possession of child pornography (see the Protection of Children Act 1978 1(4)(a) and equivalent provisions for Scotland in the Criminal Justice Act 1988 and Civic Govt )(Sc) Act 1982.) As matters stand, security professionals will be unable in any circumstances to test the validity and security of a site unless they know for sure they have authorisation fom the true owner of the site.
Friday, September 23, 2005
On Cyberprof, several US law profs argued persuasively that Google had "fair use" on their side; in Europe where fair use/dealing exemptions are very tight under the Copyright Directives, this seems highly unlikely. To be non technical, the policy question is really whether you think what Google is doing is more like making an entire copy of an MP3 without permission of the owner (clearly illegal) or more like looking up an index or digest to find extended references to useful texts (clearly legal.)
I was slightly amazed (and pleased) the first time I looked to find the whole of my own chapter on legal regulation of CCTV in the UK was available (from a book published by Asser Press) . Today, that chapter is no longer there, and two other book chapters of mine (with Kluwer) deliver only 2-3 page snippets. This seems either to be down to a damage mitigation stategy by Google to placate the publishers, or a closing of ranks by the publishers against Google, since one assumes Asser had already given permission to reproduction of the whole book in question, before the GP issue hit the fan.
My own feeling is that, as with the P2P wars, after a certain amount of legal skirmishing, eventually we will see this kind of global library full-text look-up-and-download being accepted by the rightsholders, but only when some mechanism is in place to get a royalty back to the publishers, by some kind of levy or license fee eventually charged against consumers. Cf the transition from illegal Napster to legal Napster, where you buy £10 a month to stream as much music as you like, and the record companies involved in contracts with Napster get their share. One of the arguments being thrown around in favour of Google is that GP is helping raise interest in out of print and back-list books which make little or no money for publishers, so why are the publishers suing?. But publishers must surely be waking up to the fact that that back list can become valuable very easily in a world of universal digital download of text. Google have tried it on, methinks, trying to get to offer this service without paying anything for it.
Lessig argues that as Google already makes copies of every text it spiders in order to deliver search results, finding GP illegal is the same as finding Google the search engine illegal for breach of copyright, and common sense revolts at this idea. But this is not necessarily true, as most jurisdictions now have exemptions allowing for the making of transient rather than permanent copies for "technical reasons". Search engines may reply on thse rather than "fair use" to protest their legality. The question is if such exemptions, mainly tailored to legalise caching, are phrased widely enough to cover what search engines do, and how transient Google's spider copies are. Copies are retained for days, sometimes weeks in Google's cache - can these really be regarded as transient?
In any case, in the UK, The Copyright and Related Rights Regulations 2003 implement the "temporary acts of reproduction" exception provided for in Article 5(1) of the Copyright Directive by inserting a new Section 28A into the 1988 Act, as follows:
"Copyright in a literary work, other than a computer program or a database, or in a dramatic, musical or artistic work, the typographical arrangement of a published edition, a sound recording or a film, is not infringed by the making of a temporary copy which is transient or incidental, which is an integral and essential part of a technological process and the sole purpose of which is to enable -
(a) a transmission of the work in a network between third parties by an intermediary; or
(b) a lawful use of the work;
and which has no independent economic significance.".
Google search engine would fail to get the benefit of this under (a) for sure. And the "economic significance" is also arguable - Google don't get paid for GP, but they do make money out of adverts on the main search site, depending how many people click through on advert links placed next to searches. But (b) is the heart of the argument in Google Print.So it may all, in fact, come back to fair use/fair dealing. We in Europe may need to revisit these exemptions yet again.
The point is a difficult one in terms of policy. Microsoft (and Yahoo! who a few weeks back revealed the identity of a blogger to Chinese authorities, probably exposing him to criminal penalties) are criticised for supporting censorship contrary to Western norms which they benefit from in their own home countries. But such companies can also argue that to maintain a base in these countries they have to work by local laws, and that withdrawing would merely reduce the positive importation of e-commerce prosperity and the overall impact of the Net on these countries. It is a case perhaps of medicine today, to have jam tomorrow.
Wednesday, September 21, 2005
This blog is directed towards the students in the LLM in Information Technology and the Law (both on campus and distance learning). It is not obligatory work, and it does not constitute assessment in class. The opinions expressed here are not necessarily those of the AHRC Centre.
Welcome to all our new students!